Bug 235798 (CVE-2008-4982) - app-forensics/rkhunter: audit wrt insecure temp file usage (CVE-2008-4982)
Alias: CVE-2008-4982
Product: Gentoo Security
Classification: Unclassified
Component: Auditing
Hardware: All Linux
Importance: High normal
Assignee: Gentoo Security
Depends on:
Blocks: 194832 debian-tempfile
Reported: 2008-08-26 17:04 UTC by Christian Hoffmann (RETIRED)
Modified: 2008-11-08 00:22 UTC
Description Christian Hoffmann (RETIRED) gentoo-dev 2008-08-26 17:04:56 UTC
See $URL and bug 235770.
Comment 1 Christian Hoffmann (RETIRED) gentoo-dev 2008-08-26 17:09:24 UTC
All in-tree versions (1.2.7-r1, 1.2.8, 1.2.9) only install scripts which either use mktemp properly or place temporary files in a pre-created directory which is owned by the super user.
The user may change this path using the --tmpdir option in some cases, but even in that case rkhunter warns about it if the user tries to use /tmp.

Debian ships a newer version of this package, so we should be careful when bumping.

Currently not affected
Might be affected in the future if new versions of rkhunter find their way into the tree.

BTW: Several scripts in the tarball look like they are vulnerable to temporary file issues, but we don't install those.
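
The two safe patterns named in comment 1 (mktemp, or a pre-created directory that only the privileged user controls) can be combined into one check. The sketch below is an added example, not code from rkhunter or from this bug; the function names and the `scan.XXXXXX` template are hypothetical, and it assumes the script's own uid (root for a privileged scanner) must own the directory.

```shell
#!/bin/sh
# Added example (not rkhunter code): vet a temp directory before a privileged
# script writes into it, then create the work file with mktemp.

# check_tmpdir DIR -> returns 0 if DIR is acceptable, 1 otherwise.
check_tmpdir() {
    dir=$1
    # A symlink can be repointed by whoever controls the parent directory.
    if [ -L "$dir" ]; then
        echo "unsafe: $dir is a symlink" >&2; return 1
    fi
    if [ ! -d "$dir" ]; then
        echo "unsafe: $dir is not a directory" >&2; return 1
    fi
    # ls -ldn prints the mode string in field 1 and the numeric owner in field 3.
    set -- $(ls -ldn "$dir")
    mode=$1
    owner=$3
    # Assumption: the directory must belong to the uid running the script.
    if [ "$owner" != "$(id -u)" ]; then
        echo "unsafe: $dir is owned by uid $owner" >&2; return 1
    fi
    # Mode string is d rwx rwx rwx: character 6 is group write and
    # character 9 is other write. Either one lets another account plant
    # files or symlinks in the directory (this is the /tmp case).
    case $mode in
        d????w*|d???????w*)
            echo "unsafe: $dir is group- or world-writable ($mode)" >&2
            return 1 ;;
    esac
    return 0
}

# make_workfile DIR -> prints the path of a freshly created temp file.
make_workfile() {
    check_tmpdir "$1" || return 1
    # mktemp creates the file exclusively, with a random suffix and mode
    # 0600, so a file or symlink planted at a guessed name is never reused.
    mktemp "$1/scan.XXXXXX"
}
```
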